dev-db/postgresql: Security Bump

Security update fixes issues:

1. CVE-2015-5288: The crypt() function included with the optional
pgCrypto extension could be exploited to read a few additional bytes
of memory. No working exploit for this issue has been developed.

2. CVE-2015-5289: json or jsonb input values constructed from
arbitrary user input can crash the PostgreSQL server and cause a
denial of service.

Also added note for new installations that re-sourcing /etc/profile is
reuiqred to pick up environment changes, like MANPATH so man can find
pages installed in non-standard locations.

Package-Manager: portage-2.2.20.1

1 files changed, 8 insertions, 0 deletions

diff --git a/dev-db/postgresql/postgresql-9999.ebuild b/dev-db/postgresql/postgresql-9999.ebuild
index 6dec347e1338..36e35fdb8ba3 100644
--- a/dev-db/postgresql/postgresql-9999.ebuild
+++ b/dev-db/postgresql/postgresql-9999.ebuild
@@ -204,6 +204,14 @@ pkg_postinst() {
 	elog "If you need a global psqlrc-file, you can place it in:"
 	elog "    ${EROOT%/}/etc/postgresql-${SLOT}/"
 
+	if [[ -z ${REPLACING_VERSIONS} ]] ; then
+		elog
+		elog "It looks like this is your first time installing PostgreSQL. Run the"
+		elog "following command in all active shells to pick up changes to the default"
+		elog "environemnt:"
+		elog "    source /etc/profile"
+	fi
+
 	elog
 	elog "Gentoo specific documentation:"
 	elog "https://wiki.gentoo.org/wiki/PostgreSQL"